Use of OSM API for non-editing third party applications

Use of OSM API for non-editing third party applications

Hi,

I'm just asking something which was raised as an issue in my Gitlab repository for OpenTrailView (www.opentrailview.org;
fully FOSS 360 panorama site which uses OSM ways to connect panoramas together).

The person who raised the issue requested that OSM logins be used on OpenTrailVIew rather than (as currently) its own login system. I suspect the reason is security-related as it allows users to use an existing trusted
authentication system.

As OpenTrailView does not include provision for editing OSM data, I suspect the answer is no - but is it acceptable for third-party OSM-related sites which do not edit the data to 'piggyback' on OSM's authentication system
like this?

Re: Use of OSM API for non-editing third party applications

There is a large amount of precedent, for example mapillary,
maproulette and lots that I've forgotten. So the answer is likely
that while the website-devs are not in love with it, it is
perfectly acceptable.

Simon

Am 01.08.2019 um 13:52 schrieb Nick
Whitelegg:

Hi,

I'm just asking
something which was raised as an issue in my Gitlab repository
for OpenTrailView (www.opentrailview.org; fully FOSS
360 panorama site which uses OSM ways to connect panoramas
together).

The person who raised
the issue requested that OSM logins be used on OpenTrailVIew
rather than (as currently) its own login system. I suspect the
reason is security-related as it allows users to use an
existing trusted authentication system.

As OpenTrailView does
not include provision for editing OSM data, I suspect the
answer is no - but is it acceptable for third-party
OSM-related sites which do not edit the data to 'piggyback' on
OSM's authentication system like this?

I'm just asking something which was raised as an issue in my Gitlab repository for OpenTrailView (www.opentrailview.org; fully FOSS 360 panorama site which uses OSM ways to connect panoramas together).

The person who raised the issue requested that OSM logins be used on OpenTrailVIew rather than (as currently) its own login system. I suspect the reason is security-related as it allows users to use an existing trusted authentication system.

As OpenTrailView does not include provision for editing OSM data, I suspect the answer is no - but is it acceptable for third-party OSM-related sites which do not edit the data to 'piggyback' on OSM's authentication system like this?

I'm just asking something which was raised as an issue in my Gitlab repository for OpenTrailView (www.opentrailview.org;
fully FOSS 360 panorama site which uses OSM ways to connect panoramas together).

The person who raised the issue requested that OSM logins be used on OpenTrailVIew rather than (as currently) its own login system. I suspect the reason is security-related as it allows users to use an existing trusted
authentication system.

As OpenTrailView does not include provision for editing OSM data, I suspect the answer is no - but is it acceptable for third-party OSM-related sites which do not edit the data to 'piggyback' on OSM's authentication
system like this?

Re: Use of OSM API for non-editing third party applications

In the light of this discussion, and to follow up my original email, one thing I would want to do is associate uploaded panoramas with user IDs, for which I would need the OSM user details API. I would need this to only allow a given user to rotate or move
their own panoramas, and not other users'. I presume this would be acceptable (if mentioned on an appropriate privacy policy)?

I tried to play around with Mapillary to see how they handle OSM authentication but I'm not sure whether it's working correctly- as when I am returned to Mapillary after authentication with OSM, I get the error "User does not exist".

In the light of this discussion, and to follow up my original email, one thing I would want to do is associate uploaded panoramas with user IDs, for which I would need the OSM user details API. I would need this to only allow a given user to rotate or move their own panoramas, and not other users'. I presume this would be acceptable (if mentioned on an appropriate privacy policy)?

I tried to play around with Mapillary to see how they handle OSM authentication but I'm not sure whether it's working correctly- as when I am returned to Mapillary after authentication with OSM, I get the error "User does not exist".